Dropped Files | ZeroBOX
Name 486b82bc16bacd79_logs.dat
Filepath C:\ProgramData\Remcos\logs.dat
Size 260.0B
Processes 2976 (windowsjx.exe)
Type data
MD5 7760f8d522130656200982d9d74f2de6
SHA1 fdacbc65eabb5ce6c371e815bfa1588633aec04e
SHA256 486b82bc16bacd79f2034d34c7fce539beaaab217ca4a57310422d7658f6e6fd
CRC32 4164A1A5
ssdeep 6:6lVdnU5YcIeeDAlOWA4dbJWEogltmgXl1oV:6lVaec0WNW+ltZI
Yara None matched
Name 8f47dbd8189dbe96_invoice_a_202.exe
Filepath C:\Users\test22\AppData\Local\Temp\invoice_a_202.exe
Size 465.0KB
Processes 2560 (wscript.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 f9e94909637a6b6471565022188ab2be
SHA1 b7b70fe9831829ebbe8e810d4d0a6253205dd640
SHA256 8f47dbd8189dbe96bda7511f2a37277ee9fab8a763619d120c0fe49d953124b7
CRC32 794BB34B
ssdeep 6144:2/Ya3uK4MW5sl80PF2hV/4puXyjSJ5DwFiyycdFXErWksAOZZgjXAccD6N:2/YaejslPd2f/4njSJJwLZ4sfZgpN
Yara
  • Network_Downloader - File Downloader
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • infoStealer_browser_b_Zero - browser info stealer
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
Name 83c605c88e0c4c9b_time_20240711_072027.jpg
Filepath C:\Users\test22\AppData\Roaming\Screenshots\time_20240711_072027.jpg
Size 29.7KB
Processes 2976 (windowsjx.exe)
Type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1024x768, frames 3
MD5 755425ddcdd49a7ad481fccd606095c5
SHA1 28c8faaac89935c0d8ee422684a050ba6456842a
SHA256 83c605c88e0c4c9b1dc20ce71ec4b046a6f3ec816ba279c32ecd68e651160b85
CRC32 F2705B52
ssdeep 384:B7vLfr7LbgJOhooypmFf48Z3GUaf4xgCgrJ7ubaUyKM9:BjErqf48Z3GM+CgpubSKM9
Yara
  • JPEG_Format_Zero - JPEG Format
Name 822cbb0bef4ca3df_install.vbs
Filepath C:\Users\test22\AppData\Local\Temp\install.vbs
Size 392.0B
Processes 2768 (invoice_a_202.exe) 2844 (wscript.exe)
Type data
MD5 a709fe06db2d825ee491b8bac6569204
SHA1 add15c4998d5ed7ceb83714514a6285f52cfcecb
SHA256 822cbb0bef4ca3dff8f2ae70537a990a2c4330db5b484f5e51282cb43ece8e46
CRC32 F71EBBA0
ssdeep 12:4D8o++ugypjBQMBvFQ4lOnb5SprNF0M/0aimi:4Dh+S0FNObYrNF0Nait
Yara None matched
Name a2eb8ec643b32f38_bqiniwtuyc.js
Filepath C:\Users\test22\AppData\Roaming\bQiNiwTuYc.js
Size 3.6KB
Processes 2560 (wscript.exe)
Type ASCII text, with very long lines, with no line terminators
MD5 794372001398b622ff579acfaef83033
SHA1 16a5959aff569a269103456b282dd803651f4e06
SHA256 a2eb8ec643b32f38c67006ea8b9ab00b449546b4869dd4e43fb45fc5fba45968
CRC32 78E752A2
ssdeep 96:00UAUU/bAuojKxyimicjumLmTVBedfwBvVBDUJDSCOPAtG8x7Op:00UAUUDAuom8ihcjumLmTVBedYtVBDUo
Yara None matched